Search code examples
javaservletsjakarta-eeweblogic12c

Form-Based weblogic Authentication login Issue


I am following this tutorial to create a form-based authentication. However when I try to login it fails and remains on the login screen. I've also looked at this tutorial and tried its web.xml but I can't seem to find what is wrong.

Also it does not seem to go to my login-failed.jsp when I enter the wrong username and password.

In addition on my weblogic server security realm there is a group called weblogic_admin I created a user with password and linked it to weblogic_admin.

Any pointers would be great!

logon.jsp

<s:form method="post" action="j_security_check">
    <tr align="center">
      <td align="right"><b>User ID / ID-utilisateur:</b></td>
      <td align="left"><input type="text" name="j_username" maxlength="8"/></td>
    </tr>

    <tr align="center" >
      <td align="right"><b>Password / Mot de passe:</b></td>
      <td align="left"><input type="password" name="j_password"/></td>
    </tr>
  <div>
    <s:submit value="Logon"/>
  </div>
</s:form>

web.xml

 <security-constraint>
    <web-resource-collection>
        <web-resource-name>ADMIN access</web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>


 <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>realm</realm-name>
    <form-login-config>
        <form-login-page>/logon.jsp</form-login-page>
        <form-error-page>/login-failed.jsp</form-error-page>
    </form-login-config>
</login-config>


<security-role>
    <role-name>admin</role-name>
</security-role>

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>

WebLogic.xml

<security-role-assignment>
    <role-name>admin</role-name>
    <principal-name>weblogic_admin</principal-name>
</security-role-assignment>

Solution

  • I can't see anything obviously wrong, but these things are notoriously finicky.

    There is demo code for that tutorial in GitHub. If you can get the demo to work, you can play spot the difference, between your code and the demo, and work out what the problem is.